by thecatapps 40 days ago
I'm failing to see why they didn't just adopt Private Access Tokens (not that they're great either), where they could have at least:

- pretended that it wasn't all about invading people's privacy.

- done a good ol' fashioned "but Apple does it"

- pretended to be standards-oriented

- advertised it as something completely transparent to the end-user

Seems like that would've caused a lot less backlash while still achieving the goal of having some form of device attestation -- but I'm guessing that's not the real goal.

5 comments

It doesn't fundamentally solve anything. You want to be able to identify a specific person or at least a relatively expensive device so that if you ban them they stay banned.
As others in this thread have commented - there are scammer hubs where a single person controls hundreds if not thousands of phones at a time.

The people who this method is most hoping to stop are the least likely to be impacted by it in the long run.

This is the exact method used to secure iMessage against spam: secure attestation and ‘console’ bans of devices (reversible by iirc phoning support, indicating who you purchased the used device from, and providing an ID). But Google is trying to pull a Windows 11 “TPM or die” conversion on the public Internet via reCAPTCHA. Welcome to the attestation wars, unwitting websites :)
Private access tokens are also a repackaged WEI as far as I'm concerned.
"pretended" ... do they even care any more?
Not Invented Here Syndrome?
The article mentions that they use Private Access Tokens on iOS, so I'm not sure where you're getting the idea that they're "not adopting" them from.